INFCSA-2023:6551: yajl security update

Information about definition

Identificator: INFCSA-2023:6551

Type: security

Release date: 2025-09-24 20:03:00 UTC

Information about package

Yet Another JSON Library (YAJL) is a small event-driven (SAX-style) JSON parser written in ANSI C, and a small validating JSON generator.

Vulnerabilities description

  • CVE-2023-33460

    There's a memory leak in yajl 2.1.0 with use of yajl_tree_parse function. which will cause out-of-memory in server and cause crash.

Severity level

CVE Score CVSS 2.0 Score CVSS 3.x Score CVSS 4.0
no information 6.5 no information
Critical, important, moderate, low

Updated packages

loader icon Preparing to download...
Architecture: Download